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What is claimed is: 



1 1. A method for provisioning users with resources, the method comprising the 

2 steps of: 

3 establishing a set of attributes, organizational information, and user roles; 

4 defining a plurality of resource provisioning policies based on selected 
; 5 attributes, organizational information, and user roles; 

^ 6 receiving attribute information, organizational information, and user role 

7 information for a particular user, resource, or database; 
>. 8 determining which resource provisioning policies are applicable to the user 



\0 9 based on the received user role information, organizational information, and attribute 
\j 10 information; and 



^^11 provisioning the user with resources based on the applicable resource 

12 provisioning policies. 

^ 1 2. A method as recited in claim 1, the user roles comprising a yes value and a no 

fU 2 value, the attributes comprising multiple non-binary values. 

fi 

1 3. A method as recited in claim 2, further including the step of reconciling 

2 resources by comparing resources currently provisioned to the user with a list of resources that 

3 should be provisioned to the user based on the applicable resource access policies, and 

4 identifying any differences. 

1 4. A method as recited in claim 3, further including the step provisioning or de- 

2 provisioning resources to the user based on the differences detected by reconciliation. 

1 5. A method as recited in claim 2, further including the step of de-provisioning the 

2 user with some or all of the user's allocated resources if the user is terminated, suspended, or 

3 placed on leave. 
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1 6. A method as recited in claim 2, further including the steps of: 

2 receiving timing information related to the timing of the provisioning or 

3 resources; and 

4 provisioning the user with resources at a certain time specified by the timing 

5 information. 

1 7. A method as recited in claim 2, the attributes comprising user attributes and 

J) 2 resource attributes. 

1 8. A method as recited in claim 2, further including the step of provisioning the 

M 2 user with "hard" resources and "soft" resources. 

.a 

'■^ i 

^ 1 9. A method as recited in claim 2, further including the step of provisioning the 

2 user with resource bundles. 

y I 

m 

L. 1 10. A method as recited in claim 2, further including the step of defining a plurality 



2 of resource provisioning policies utilizing decision statements that allow irrelevant steps to be 

fit 

iy 3 bypassed. 

LJ 

1 11 . A method as recited in claim 2, the step of provisioning the user with resources 

2 comprising communicating requests for the resources to applications or persons. 
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1 12. A system for provisioning users with resources, the system comprising: 

2 memory for storing a set of attributes, organizational information, and user 

3 roles, a plurality of resource provisioning policies based on selected attributes, organizational 

4 information, and user roles, and attribute information and user role information for a particular 

5 user or resource; and 

6 one or more processors coupled to the memory and an organizational network, 

7 the processors programmed for 

8 determining which resource provisioning policies are applicable to a 



9 particular user based on the stored user role information, organizational information, and 

^ 10 attribute information, and 

□I 

^ 1 1 provisioning the user with resources based on the applicable resource 

. 1 12 provisioning policies . 

^1 13. A system as recited in claim 12, the user roles having a yes value and a no 

2 value, the attributes comprising multiple non-binary values. 

P 

hi 1 14. A system as recited in claim 13, the one or more processors further 

£ 2 progranmied for reconciling resources by comparing resources currently provisioned to the 

M 3 user with a list of resources that should be provisioned to the user based on the applicable 

4 resource provisioning policies, and identifying any differences. 

1 15. A system as recited in claim 14, the one or more processors fiirther 

2 programmed for provisioning or de-provisioning resources to the user based on the differences 

3 detected by reconciliation. 

1 16. A system as recited in claim 13, the one or more processors further 

2 programmed for de-provisioning the user with some or all of the user's allocated resources if 

3 the user is terminated, suspended, or placed on leave. 
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.1 17. A system as recited in claim 13, the one or more processors further 

2 programmed for: 

/' 3 receiving timing information related to the timing of the provisioning or 

4 resources; and 

5 provisioning the user with resources at a certain time specified by the timing 

„ ) 

6 information. 

r I 18. A system as recited in claim 13, the attributes comprising user attributes and 

2 resource attributes, 

Q 1 19. A system as recited in claim 13, wherein the user may be provisioned with 

v| 2 "hard" resources and "soft" resources. 

-e 

flj 1 20. A system as recited in claim 13, wherein the user is provisioned with resource 

Oi 2 bundles. 

b 

U 1 21. A system as recited in claim 13, the plurality of resource provisioning policies 

[q 2 utilizing decision statements that allow irrelevant steps to be bypassed. 
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